Firstly thanks for creating a great set of products, Bitnami have a lot to be proud of!.
We created the theme, all jquery, bootstrap etc is served by us. We did have a http:// link for a youtube banner we were playing around with but that is gone now. All header links are called and served served with https://. We examined the image issue. If we serve a generated image from Gravatar, no issues as they are also using https and that images displays ok. We think the issue lies between the load balancer and the EC2 instance. The EC2 Bitnami application server instance is not allowing SSL to be forced upon it. How do we know this? The images that we save through the application are saved directly to the usual wordpress/content/images/month/day directory on the EC2 Bitnami application server. When we request these images in the form of embedding them in a page or a profile, the browser does not display them as they are mixed http content. Strangely if we move the images to the theme directory it displays on Chrome but not Firefox. This is what we have done:
1. Changed the cert from *.mydomain.com as default to www.mydomain.com as default and have both certs attached to the domain, that failed.
2. Forced SSL in the wp-config.php file by pointing directly at the domain and after that failed also the EC2 DNS name, that failed.
3. Altered the bitnami.conf file in the opt/bitnami/apache/conf/bitnami directory with your recommended adds and AWS adds, this did not work.
- There are no plugins that are affecting SSL, we only use our created plugins and they call our site only. We also turned off the caching, this did not help.
We have overarching the platform Cloudflare, we turned on SSL Strict, we have extreme Content Security Policies as well. Strangely, if we turn off Cloudflare the site does not serve.
Because this is HA with Cloudformation, could the issue be stemming from RDS or S3? It does make sense but worth asking anyway.
Can you please examine the config code from the bitnami-support app and advise?
Thanks in advance.